Enterprise Manager 12c Agentless Automatic Target Discovery

Unlike previous releases OEM 12c can now detect and discover targets even before the management agents are deployed on managed hosts.
This agentless technology is based on using nmap which is an IP scanning utility.
Once targets are discovered, we can use the promotion process to convert these unmanaged hosts into managed hosts by deploying the management agents on these hosts.
We can schedule regular jobs using an existing management agent to continually perform scans so that when new Oracle components are added to our infrastructure they are automatically discovered and brought under OEM12c management.
Since the entire network will be scanned, the Sudo Privilege Delegation must be set on the Management Agent host that will perform the scan.
To set up  Privilege Delegation, we need to add the following lines to the /etc/sudoers file as shown below.
oracle ALL=(root) /u01/app/oracle/agent12c/sbin/nmosudo *
Note – in versions prior to Enterprise Manager Cloud Control 12c Release 2 (12.1.0.2), nmosudo was located in the agent instance directory and not in the sbin directory. For example, /u01/oracle/agent/agent_inst/bin/nmosudo

Fron the Setup - Security – Privilege Delegation menu



Add the line in the Sudo Command field (location of sudo executable)(
/usr/bin/sudo -u %RUNAS% %COMMAND%


Click on Update



Click on preferred credentials
Select the host and then click on Set icon



Click on the Test icon.
Select Custom in the Test Type list of values
In the Command  enter ‘id’
We can see that the id command has been executed not by the oracle user but by the root user – so our Privelege Delegation setting is configured now in OEM 12c


From the Setup – Add Target – Configure Auto Discovery menu


Click on Host and Oracle VM Manager using IP Scan


Click on Create and the click on Add
Here we will add the host and management agent which is going to perform the nmap scan for us – note that this is the target where we have configured Privilege Delegation in a previous step



We can provide a name for the IP scan job and enter either the IP address or range of IP addresses to scan and we can also enter just a hostname or group of hostnames to scan.
For the given host or IP address or range of IP addresses we can specify which ports we want to scan.
In this case for example we have added the listener port 1523 to the list of default ports for scanning which are supplied out of the box.




Once the IP scanning job has been completed, we can check the status from the Setup – Add Target – Auto Discovery Results
We can see that on the provided IP address to scan  a host running on the Linux platform has been discovered. We can then click on the Promote button which will bring us to the Add Host Targets wizard from where we can  automatically deploy the 12c management agent.